I was expecting a larger than normal patch deployment for October as this is a five-week cycle due to the day it fell on, so this month we have a LOT of patches going out.
|
Bulletin ID
|
Maximum Severity Rating
|
Vulnerability Impact
|
Restart Requirement
|
Affected Software*
|
|
Bulletin 1
|
Critical
|
Remote Code Execution
|
Requires restart
|
Microsoft Windows Vista and Windows Server 2008
|
|
Bulletin 2
|
Critical
|
Remote Code Execution
|
May require restart
|
Microsoft Windows 2000, Windows XP, Windows Server 2003, Windows Vista, and Windows Server 2008
|
|
Bulletin 3
|
Critical
|
Remote Code Execution
|
May require restart
|
Microsoft Windows 2000, Windows XP, and Windows Server 2003
|
|
Bulletin 4
|
Important
|
Remote Code Execution
|
May require restart
|
Microsoft Windows 2000, Windows XP, Windows Server 2003, Windows Vista, and Windows Server 2008
|
|
Bulletin 5
|
Critical
|
Remote Code Execution
|
Requires restart
|
Internet Explorer on Windows 2000, Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2
|
|
Bulletin 6
|
Critical
|
Remote Code Execution
|
May require restart
|
Windows 2000, Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2
|
|
Bulletin 7
|
Important
|
Spoofing
|
Requires restart
|
Windows 2000, Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2
|
|
Bulletin 8
|
Important
|
Remote Code Execution
|
Requires restart
|
Microsoft Windows 2000, Windows XP, and Windows Server 2003
|
|
Bulletin 9
|
Important
|
Elevation of Privilege
|
Requires restart
|
Microsoft Windows 2000, Windows XP, Windows Server 2003, Windows Vista, and Windows Server 2008
|
|
Bulletin 10
|
Important
|
Denial of Service
|
Requires restart
|
Microsoft Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2
|
|
Bulletin 11
|
Critical
|
Remote Code Execution
|
May require restart
|
Microsoft Office Outlook 2002, Outlook 2003, Outlook 2007, Visio Viewer 2002, Visio Viewer 2003, and Visio Viewer 2007
|
|
Bulletin 12
|
Critical
|
Remote Code Execution
|
May require restart
|
Windows 2000, Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2, and
Microsoft Silverlight 2
|
|
Bulletin 13
|
Critical
|
Remote Code Execution
|
May require restart
|
Microsoft Windows, Microsoft Office, Microsoft SQL Server, Microsoft Developer Tools, and Microsoft Forefront
|
What does this mean to us that have to turn the handle? Probably a very large deployment package that needs to go out to all our DP's. If your secondaries are low on disk space I'd suggest freeing some up in readiness for this months deployment. Using my crystal ball, I can envision this deployment package being several hundred MB's. Also, if you haven't already then you should be looking at removing some of those old deployment packages (2007\2008), and rolling the non-superceded patches in to a sustainer deployment package to whittle down the size of your existing deployment packages.
Check out the October Security Bulletin to get more information on these patches
http://www.microsoft.com/technet/security/bulletin/ms09-oct.mspx
Read the complete post at http://wmug.co.uk/blogs/r0b/archive/2009/10/09/october-2009-microsoft-security-bulletins.aspx